A Fine Balance: Responding to Russian Cyberattacks

By Rachel Ansley

Russian cyberattacks on the eve of the US presidential elections clearly benefitted one candidate—Donald Trump. How to respond to this meddling is another matter altogether.

The Central Intelligence Agency (CIA) confirmed in a secret assessment first reported by The Washington Post that Russia was involved in the cybersecurity breach of both the Democratic and Republican National Committee networks.

The release of information connected to the Democratic National Committee (DNC) was “an attempt to influence, not directly the results of our election, but reframe the narrative around them that clearly benefitted one candidate over the other,” said Alina Polyakova, deputy director of the Dinu Patriciu Eurasia Center and senior fellow with the Future Europe Initiative at the Atlantic Council.

Polyakova joined Beau Woods, deputy director of the Atlantic Council’s Cyber Statecraft Initiative, for a Facebook Live discussion on December 13 to examine the actors and motivations involved in the cybersecurity breach during the US presidential election campaign.

In considering a US response to the cyberattack, Polyakova said “it needs to be relatively strong.” She called for policymakers to impose consequences on those members of the Russian government who are involved.

Woods, however, cautioned against an unintentional, escalatory move, thereby feeding into Russia’s narrative of itself as “constantly under assault by the West.”

Both the DNC and the Republican National Committee (RNC) were the targets of cyberattacks, but the information released came only from the DNC and others, including Democrat Hillary Clinton’s presidential campaign chairman John Podesta. “That sounds like there was a strategic intent on the side of the Russian government to target all of these organizations on both sides, but then strategically only release information connected to the Democratic Party,” said Polyakova.

Woods said the breach of the DNC, alongside the use of information resulting from the breach, were two distinct issues. The activity resulting from this cybersecurity breach is indicative of an “information campaign,” he said. However, Polyakova said it is impossible to know the motivations of the actors involved.

This “information campaign,” and the hacking incident “is not isolated,” according to Polyakova. She described how “it’s part and parcel of a broader strategy that the Russian government specifically, and others as well, have unfolded and developed in the broader European space as well,” seeking to undermine the validity of Western democracy. The campaign goes deeper than cybersecurity alone, she said. “We shouldn’t lose sight of the broader pattern and the set of influence operations,” Woods added.